Service Description
Lywand Software GmbH is a cybersecurity company based in Austria with the mission to rethink IT security and make it easier than ever before.
To this end, an automated security audit platform has been developed that provides MSPs with an efficient tool to regularly review and sustainably improve the IT security situation of SMEs.
1. Security Check
External Infrastructure
Lywand carries out a comprehensive check (e.g. web servers, VPN gateways, mail servers, web applications, etc.) for security vulnerabilities and possible gateways from the perspective of a potential attacker. A check is also carried out to determine whether there are any stolen company data records in circulation on the darknet.
Lywand operates a scan cluster that is based on a broad foundation. Scanners developed in-house and adapted open source tools are used for this purpose. In the background is a database with over 150,000 vulnerabilities.
The test area for the external security check is created on the basis of the second level domain (SLD) by using a variety of techniques and methods to capture the entire associated attack surface.
Subdomain discovery: All subdomains that exist under the SLD are identified. This is done using techniques such as brute force, the use of subdomain dictionaries and queries of DNS zone transfers (AXFR).
Email discovery: The content of the identified websites is crawled on the basis of the SLD and associated e-mail addresses are searched for.
IP Addresses: IP addresses for which no specific domain or subdomain is stored can be added manually in the check area.
Known security gaps: A daily updated CVE vulnerability database helps to quickly identify new gaps in security.
Configuration and encryption: "Best practice" standards are reviewed and any deviations are reported as weaknesses.
Web security: Web applications are checked for the OWASP Top 10 security risks.
Password leaks: Data leaks are detected by a connection to the HIBP database
Checks of the external infrastructure are carried out automatically on a monthly basis as standard. The interval of the ongoing checks can be configured at any time. An additional check can also be triggered manually as required.
The duration of the security check can vary and depends on the size of the scope of the check. For a small or medium-sized infrastructure, the check takes approx. 1-3 hours; for a large infrastructure, it may take several hours.
For the external scan, it is important that the IP addresses are enabled on the company's firewall to prevent the scan from being blocked. The IP addresses that must be enabled are: 52.58.126.186, 18.158.3.134 and 3.74.19.219.
Internal Infrastructure
A separate agent was developed to check the internal infrastructure. This agent checks best-practice configurations based on known security vulnerabilities (CVE), as well as current patch statuses on end devices.
In addition, basic security mechanisms such as the Windows firewall, up-to-date anti-virus software and the use of Office macros are also checked. The results of the check are updated daily in the platform.
The internal infrastructure, consisting of client and server end devices, is checked daily using the lywand agent. This runs imperceptibly in the background and is always up to date thanks to auto-updates. The following operating systems are supported: Windows 11, 10, 8.1, 7 and Microsoft Server 2022, 2019, 2016, 2012R2.
The agent is available in two formats: MSI and EXE. The MSI format is used as standard by software distribution tools. There is an automatic update mechanism that ensures that the installed agent on the end devices is always up to date.
System hardening
Known security vulnerabilities (CVE)
The following products are tested:
Products | Platform |
.Net core | Windows |
7Zip | Windows |
AIMP | Windows |
AOL Instant Messenger | Windows |
Activeperl | Windows |
Adobe AIR | Windows |
Adobe Acrobat DC Classic | Windows |
Adobe Acrobat DC continous | Windows |
Adobe Animate | Windows |
Adobe Brackets | Windows |
Adobe Bridge | Windows |
Adobe Captivate | Windows |
Adobe Creative Cloud | Windows |
Adobe Digital Editions | Windows |
Adobe Dreamweaver | Windows |
Adobe Flash Media Server | Windows |
Adobe Flash Player ActiveX | Windows |
Adobe Flash Player Npapi | Windows |
Adobe Flash Player Ppapi | Windows |
Adobe Illustrator | Windows |
Adobe Indesign | Windows |
Adobe Media Encoder | Windows |
Adobe Photoshop | Windows |
Adobe Reader | Windows |
Adobe Reader DC classic | Windows |
Adobe Reader DC continous | Windows |
Adobe Shockwave Player | Windows |
Adobe presenter | Windows |
AnyDesk | Windows |
Apache HTTP Server | Windows |
Apache Tomcat | Windows |
Apple QuickTime | Windows |
Apple Safari | Windows |
Apple iCloud | Windows |
Apple iTunes | Windows |
Audacity | Windows |
Cacti | Windows |
Calibre | Windows |
Ccleaner | Windows |
Cisco Anyconnect | Windows |
Cisco Network Assistant | Windows |
Cisco Security Device Manager | Windows |
Citrix Receiver | Windows |
Comodo Antivirus | Windows |
Confluence server | Windows |
Cygwin | Windows |
Dell SupportAssist | Windows |
Dropbox | Windows |
Evernote | Windows |
FlashGet | Windows |
Foxit Reader | Windows |
GPG4Win | Windows |
Ghostscript | Windows |
Git | Windows |
Google Chrome | Windows |
Google Earth | Windows |
Google Picasa | Windows |
Google Sketchup | Windows |
Inkscape | Windows |
Jenkins | Windows |
JetBrains YouTrack | Windows |
K-meleon | Windows |
Lan Messenger | Windows |
Lenovo System Update | Windows |
LibreOffice | Windows |
Malwarebytes | Windows |
Mozilla FireFox | Windows |
Mozilla Firefox ESR | Windows |
Mozilla SeaMonkey | Windows |
Mozilla Thunderbird | Windows |
Mozilla Thunderbird ESR | Windows |
MySQL | Windows |
MySQL Connector/Net | Windows |
Notepad++ | Windows |
OpenOffice | Windows |
OpenSSH | Windows |
OpenSSL | Windows |
OpenVPN Client | Windows |
Opera | Windows |
Oracle Java JDK | Windows |
Oracle Java JRE | Windows |
Oracle Mapviewer | Windows |
Oracle VirtualBox | Windows |
PGP Desktop | Windows |
PaleMoon | Windows |
PaloAlto Networks GlobalProtect Agent | Windows |
Pidgin | Windows |
PostgreSQL | Windows |
PowerZip | Windows |
Powershell | Windows |
Putty | Windows |
Python | Windows |
RealPlayer | Windows |
RealVNC | Windows |
Skype | Windows |
Sumatra PDF | Windows |
TeamViewer | Windows |
TightVNC | Windows |
Trillian | Windows |
UltraVNC | Windows |
VLC MediaPlayer | Windows |
Vmware Movie Decoder | Windows |
Vmware Player | Windows |
Vmware Tools | Windows |
Vmware Workstation | Windows |
Vsphere Client | Windows |
WinRar | Windows |
WinSCP | Windows |
Winamp | Windows |
Winzip | Windows |
Wireshark | Windows |
Adobe ColdFusion | Windows |
Cisco WebEx Meetings | Windows |
Zoom Client | Windows |
Symantec Endpoint Protection | Windows |
JetBrains PyCharm | Windows |
JetBrains PhpStorm | Windows |
JetBrains TeamCity | Windows |
JetBrains IntelliJ | Windows |
JetBrains WebStorm | Windows |
Microsoft .NET Framework 1.0 | Windows |
Microsoft .NET Framework 1.1 | Windows |
Microsoft .NET Framework 2.0 | Windows |
Microsoft .NET Framework 3.0 | Windows |
Microsoft .NET Framework 3.5 | Windows |
Microsoft .NET Framework 3.5.1 | Windows |
Microsoft .NET Framework 4 | Windows |
Microsoft .NET Framework 4.0 | Windows |
Microsoft .NET Framework 4.5 | Windows |
Microsoft .NET Framework 4.5 SP1 | Windows |
Microsoft .NET Framework 4.5 SP2 | Windows |
Microsoft .NET Framework 4.5.1 | Windows |
Microsoft .NET Framework 4.5.2 | Windows |
Microsoft .NET Framework 4.6 | Windows |
Microsoft .NET Framework 4.6.1 | Windows |
Microsoft .NET Framework 4.6.2 | Windows |
Microsoft .NET Framework 4.7 | Windows |
Microsoft .NET Framework 4.7.1 | Windows |
Microsoft .NET Framework 4.7.2 | Windows |
Microsoft .NET Framework 4.8 | Windows |
Microsoft .NET core runtime 1.0 | Windows |
Microsoft .NET core runtime 1.1 | Windows |
Microsoft .NET core runtime 2.0 | Windows |
Microsoft .NET core runtime 2.1 | Windows |
Microsoft .NET core runtime 2.2 | Windows |
Microsoft .NET core runtime 3.0 | Windows |
Microsoft .NET core runtime 3.1 | Windows |
Microsoft .Net Framework 3.5 | Windows |
Microsoft .Net Framework 4.0 | Windows |
Microsoft 3D Viewer | Windows |
Microsoft ASN.1 Library | Windows |
Microsoft ASP .NET MVC 2.0 | Windows |
Microsoft ASP .NET MVC 3.0 | Windows |
Microsoft ASP .NET MVC 4.0 | Windows |
Microsoft ASP .NET core 1.0 | Windows |
Microsoft ASP .NET core 1.1 | Windows |
Microsoft ASP .NET core 2.0 | Windows |
Microsoft ASP .NET core 2.1 | Windows |
Microsoft ASP .NET core 2.2 | Windows |
Microsoft ASP .NET core 3.0 | Windows |
Microsoft ASP .NET core 3.1 | Windows |
Microsoft Access 2000 | Windows |
Microsoft Access 2002 | Windows |
Microsoft Access 2003 | Windows |
Microsoft Access 2010 | Windows |
Microsoft Access 2013 | Windows |
Microsoft Access 2016 | Windows |
Microsoft Active Directory Federation Services | Windows |
Microsoft Agent | Windows |
Microsoft Anti-Cross Site Scripting Library | Windows |
Microsoft Antigen for Exchange | Windows |
Microsoft Antigen for SMTP Gateway | Windows |
Microsoft Azure Storage Explorer | Windows |
Microsoft BizTalk Server 2002 | Windows |
Microsoft BizTalk Server 2004 | Windows |
Microsoft ChakraCore | Windows |
Microsoft Chart Controls | Windows |
Microsoft Color Management Module | Windows |
Microsoft Commerce Server 2002 | Windows |
Microsoft Commerce Server 2007 | Windows |
Microsoft Commerce Server 2009 | Windows |
Microsoft Commerce Server 2009 R2 | Windows |
Microsoft Communicator 2007 R2 | Windows |
Microsoft Content Management Server | Windows |
Microsoft CryptoAPI | Windows |
Microsoft Data Access Components | Windows |
Microsoft Data Access Components 2.1 | Windows |
Microsoft Data Access Components 2.5 | Windows |
Microsoft Data Access Components 2.6 | Windows |
Microsoft Data Access Components 2.7 | Windows |
Microsoft Data Access Components 2.8 | Windows |
Microsoft DirectPlay | Windows |
Microsoft DirectShow | Windows |
Microsoft Distributed Transaction Coordinator | Windows |
Microsoft Dynamics 365 | Windows |
Microsoft Edge | Windows |
Microsoft Edge (Chromium-based) | Windows |
Microsoft Edge Business (Chromium-based) | Windows |
Microsoft Enhanced Mitigation Experience Toolkit | Windows |
Microsoft Excel 2000 | Windows |
Microsoft Excel 2002 | Windows |
Microsoft Excel 2003 | Windows |
Microsoft Excel 2007 | Windows |
Microsoft Excel 2010 | Windows |
Microsoft Excel 2013 | Windows |
Microsoft Excel 2016 | Windows |
Microsoft Excel 97 | Windows |
Microsoft Excel Viewer | Windows |
Microsoft Excel Viewer 2003 | Windows |
Microsoft Excel Viewer 2007 | Windows |
Microsoft Exchange 2000 Server | Windows |
Microsoft Exchange Server | Windows |
Microsoft Exchange Server 2000 | Windows |
Microsoft Exchange Server 2003 | Windows |
Microsoft Exchange Server 2007 | Windows |
Microsoft Exchange Server 2010 | Windows |
Microsoft Exchange Server 2013 | Windows |
Microsoft Exchange Server 2016 | Windows |
Microsoft Exchange Server 5.0 | Windows |
Microsoft Exchange Server 5.5 | Windows |
Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 | Windows |
Microsoft Expression Design | Windows |
Microsoft Expression Design 2 | Windows |
Microsoft Expression Design 3 | Windows |
Microsoft Expression Design 4 | Windows |
Microsoft Expression Web | Windows |
Microsoft FAST Search Server 2010 for SharePoint | Windows |
Microsoft FTP Service 7.0 | Windows |
Microsoft FTP Service 7.5 | Windows |
Microsoft Forefront Protection 2010 for Exchange Server | Windows |
Microsoft Forefront Security for Exchange Server | Windows |
Microsoft Forefront Security for SharePoint | Windows |
Microsoft Forefront Threat Management Gateway | Windows |
Microsoft Forefront Threat Management Gateway Client | Windows |
Microsoft Forefront Unified Access Gateway 2010 | Windows |
Microsoft FrontPage 2003 | Windows |
Microsoft FrontPage Server Extensions 2000 | Windows |
Microsoft FrontPage Server Extensions 2002 | Windows |
Microsoft Groove Server 2007 | Windows |
Microsoft Groove Server 2010 | Windows |
Microsoft Host Integration Server 2000 | Windows |
Microsoft Host Integration Server 2000 Administrator Client | Windows |
Microsoft Host Integration Server 2004 | Windows |
Microsoft Host Integration Server 2004 Client | Windows |
Microsoft Host Integration Server 2006 | Windows |
Microsoft Host Integration Server 2009 | Windows |
Microsoft Host Integration Server 2010 | Windows |
Microsoft Hyper-V | Windows |
Microsoft Hyper-V Server | Windows |
Microsoft Indexing Service | Windows |
Microsoft InfoPath 2003 | Windows |
Microsoft InfoPath 2007 | Windows |
Microsoft InfoPath 2010 | Windows |
Microsoft Infopath 2010 | Windows |
Microsoft Infopath 2013 | Windows |
Microsoft Input Method Editor Japanese | Windows |
Microsoft Interactive Training | Windows |
Microsoft Internet Explorer | Windows |
Microsoft Internet Explorer 10 | Windows |
Microsoft Internet Explorer 11 | Windows |
Microsoft Internet Explorer 5 | Windows |
Microsoft Internet Explorer 5.01 | Windows |
Microsoft Internet Explorer 6 | Windows |
Microsoft Internet Explorer 7 | Windows |
Microsoft Internet Explorer 8 | Windows |
Microsoft Internet Explorer 9 | Windows |
Microsoft Internet Information Server (IIS) 5.0 | Windows |
Microsoft Internet Information Server (IIS) 5.1 | Windows |
Microsoft Internet Information Server (IIS) 6.0 | Windows |
Microsoft Internet Information Server (IIS) 7.0 | Windows |
Microsoft Internet Information Server (IIS) 7.5 | Windows |
Microsoft Internet Information Server 5.0 | Windows |
Microsoft Internet Information Server 5.1 | Windows |
Microsoft Internet Information Server 6.0 | Windows |
Microsoft Internet Information Server 7.0 | Windows |
Microsoft Internet Information Server 7.5 | Windows |
Microsoft Internet Information Server 8.0 | Windows |
Microsoft Internet Information Server 8.5 | Windows |
Microsoft Internet Information Services 7.0 | Windows |
Microsoft Internet Information Services 7.5 | Windows |
Microsoft Internet Information Services 8.0 | Windows |
Microsoft Internet Information Services 8.5 | Windows |
Microsoft Internet Security and Acceleration Server 2000 | Windows |
Microsoft Internet Security and Acceleration Server 2004 | Windows |
Microsoft Internet Security and Acceleration Server 2006 | Windows |
Microsoft JScript 5.6 | Windows |
Microsoft JScript 5.7 | Windows |
Microsoft JScript 5.8 | Windows |
Microsoft Jet 4.0 Database Engine | Windows |
Microsoft Jet Database Engine | Windows |
Microsoft Live Meeting 2007 | Windows |
Microsoft Live Meeting 2007 Add-In | Windows |
Microsoft Live Meeting 2007 Add-in | Windows |
Microsoft Live Meeting 2007 Console | Windows |
Microsoft Lync 2010 | Windows |
Microsoft Lync 2010 Attendant | Windows |
Microsoft Lync 2010 Attendee | Windows |
Microsoft Lync Basic 2013 | Windows |
Microsoft Lync Server 2010 | Windows |
Microsoft Lync Server 2013 | Windows |
Microsoft MSN Messenger | Windows |
Microsoft Mail | Windows |
Microsoft Management Console | Windows |
Microsoft Media Encoder | Windows |
Microsoft Media Player | Windows |
Microsoft Media Services 4.1 | Windows |
Microsoft Media Services 9 | Windows |
Microsoft Office | Windows |
Microsoft Office 2000 | Windows |
Microsoft Office 2000 SP3 | Windows |
Microsoft Office 2000 Web Components | Windows |
Microsoft Office 2002 | Windows |
Microsoft Office 2003 | Windows |
Microsoft Office 2003 Web Components | Windows |
Microsoft Office 2007 | Windows |
Microsoft Office 2010 | Windows |
Microsoft Office 2010 Filter Pack | Windows |
Microsoft Office 2013 | Windows |
Microsoft Office 2016 | Windows |
Microsoft Office Access 2003 | Windows |
Microsoft Office Access 2007 | Windows |
Microsoft Office Access 2010 | Windows |
Microsoft Office Access 2013 | Windows |
Microsoft Office Access 2016 | Windows |
Microsoft Office Compatibility Pack | Windows |
Microsoft Office Converter Pack | Windows |
Microsoft Office Forms Server 2007 | Windows |
Microsoft Office Groove 2007 | Windows |
Microsoft Office IME | Windows |
Microsoft Office IME Japanese 2007 | Windows |
Microsoft Office InfoPath 2003 | Windows |
Microsoft Office InfoPath 2007 | Windows |
Microsoft Office OneNote 2007 | Windows |
Microsoft Office PowerPoint 2000 | Windows |
Microsoft Office PowerPoint 2000 Service Pack 3 | Windows |
Microsoft Office PowerPoint 2002 | Windows |
Microsoft Office PowerPoint 2002 Service Pack 3 | Windows |
Microsoft Office PowerPoint 2003 | Windows |
Microsoft Office PowerPoint 2003 Service Pack 3 | Windows |
Microsoft Office PowerPoint 2007 | Windows |
Microsoft Office PowerPoint 2010 | Windows |
Microsoft Office PowerPoint Viewer | Windows |
Microsoft Office PowerPoint Viewer 2003 | Windows |
Microsoft Office Publisher 2002 | Windows |
Microsoft Office Publisher 2003 | Windows |
Microsoft Office Publisher 2007 | Windows |
Microsoft Office Publisher 2010 | Windows |
Microsoft Office SharePoint Server 2007 | Windows |
Microsoft Office SharePoint Server 2010 | Windows |
Microsoft Office Small Business Accounting 2006 | Windows |
Microsoft Office Visio 2002 | Windows |
Microsoft Office Visio 2003 | Windows |
Microsoft Office Visio 2007 | Windows |
Microsoft Office Visio Professional 2002 | Windows |
Microsoft Office Visio Professional 2003 | Windows |
Microsoft Office Visio Viewer 2003 | Windows |
Microsoft Office Visio Viewer 2007 | Windows |
Microsoft Office Web Apps | Windows |
Microsoft Office Web Apps 2010 | Windows |
Microsoft Office Web Apps 2013 | Windows |
Microsoft Office Web Apps Server 2010 | Windows |
Microsoft Office Web Apps Server 2013 | Windows |
Microsoft Office Web Apps server 2013 | Windows |
Microsoft Office Word Viewer | Windows |
Microsoft Office XP | Windows |
Microsoft Office XP SP2 | Windows |
Microsoft Office XP SP3 | Windows |
Microsoft Office XP Web Components | Windows |
Microsoft OneDrive | Windows |
Microsoft OneNote 2007 | Windows |
Microsoft OneNote 2010 | Windows |
Microsoft OneNote 2013 | Windows |
Microsoft OneNote 2016 | Windows |
Microsoft Outlook | Windows |
Microsoft Outlook 2000 | Windows |
Microsoft Outlook 2002 | Windows |
Microsoft Outlook 2003 | Windows |
Microsoft Outlook 2007 | Windows |
Microsoft Outlook 2010 | Windows |
Microsoft Outlook 2013 | Windows |
Microsoft Outlook 2016 | Windows |
Microsoft Outlook Express | Windows |
Microsoft Outlook Express 5.5 | Windows |
Microsoft Outlook Express 6 | Windows |
Microsoft Outlook Express 6.0 | Windows |
Microsoft Paint 3D | Windows |
Microsoft PowerPoint | Windows |
Microsoft PowerPoint 2000 | Windows |
Microsoft PowerPoint 2002 | Windows |
Microsoft PowerPoint 2003 | Windows |
Microsoft PowerPoint 2007 | Windows |
Microsoft PowerPoint 2010 | Windows |
Microsoft PowerPoint 2013 | Windows |
Microsoft PowerPoint 2016 | Windows |
Microsoft PowerPoint Viewer | Windows |
Microsoft PowerPoint Viewer 2007 | Windows |
Microsoft PowerPoint Viewer 2010 | Windows |
Microsoft PowerShell Core | Windows |
Microsoft PowerShell Core 6.0 | Windows |
Microsoft PowerShell Core 6.1 | Windows |
Microsoft PowerShell Core 6.2 | Windows |
Microsoft PowerShell Core 7.0 | Windows |
Microsoft Powerpoint 2000 | Windows |
Microsoft Powerpoint 2002 | Windows |
Microsoft Powerpoint 2003 | Windows |
Microsoft Powerpoint 2010 | Windows |
Microsoft Powerpoint 2013 | Windows |
Microsoft Powerpoint 2016 | Windows |
Microsoft Producer 2003 | Windows |
Microsoft Project 2000 | Windows |
Microsoft Project 2002 | Windows |
Microsoft Project 2002 SP1 | Windows |
Microsoft Project 2003 | Windows |
Microsoft Project 2007 | Windows |
Microsoft Project 2010 | Windows |
Microsoft Project 2013 | Windows |
Microsoft Project 2016 | Windows |
Microsoft Project Server 2010 | Windows |
Microsoft Project Server 2013 | Windows |
Microsoft Publisher | Windows |
Microsoft Publisher 2000 | Windows |
Microsoft Publisher 2002 | Windows |
Microsoft Publisher 2003 | Windows |
Microsoft Publisher 2007 | Windows |
Microsoft Publisher 2010 | Windows |
Microsoft Publisher 2013 | Windows |
Microsoft Publisher 2016 | Windows |
Microsoft Report Viewer | Windows |
Microsoft Report Viewer 2008 Redistributable Package | Windows |
Microsoft SQL Server 2000 | Windows |
Microsoft SQL Server 2000 Analysis Services | Windows |
Microsoft SQL Server 2000 Desktop Engine (WMSDE) | Windows |
Microsoft SQL Server 2000 Reporting Services | Windows |
Microsoft SQL Server 2005 | Windows |
Microsoft SQL Server 2008 | Windows |
Microsoft SQL Server 2008 R2 | Windows |
Microsoft SQL Server 2012 | Windows |
Microsoft SQL Server 2014 | Windows |
Microsoft SQL Server 2016 | Windows |
Microsoft SQL Server 2017 | Windows |
Microsoft SQL Server 2019 | Windows |
Microsoft SQL Server Management Studio Express | Windows |
Microsoft Search Server 2008 | Windows |
Microsoft Security Essentials | Windows |
Microsoft Service Bus 1.1 | Windows |
Microsoft SharePoint Designer 2007 | Windows |
Microsoft SharePoint Designer 2010 | Windows |
Microsoft SharePoint Designer 2013 | Windows |
Microsoft SharePoint Foundation 2010 | Windows |
Microsoft SharePoint Foundation 2013 | Windows |
Microsoft SharePoint Server 2007 | Windows |
Microsoft SharePoint Server 2010 | Windows |
Microsoft SharePoint Server 2013 | Windows |
Microsoft SharePoint Server 2013 Client Components SDK | Windows |
Microsoft SharePoint Server 2016 | Windows |
Microsoft SharePoint Server 2019 | Windows |
Microsoft SharePoint Services 2.0 | Windows |
Microsoft SharePoint Services 3.0 | Windows |
Microsoft SharePoint Team Services | Windows |
Microsoft SharePoint Workspace 2010 | Windows |
Microsoft Sharepoint Server 2007 | Windows |
Microsoft Sharepoint Server 2010 | Windows |
Microsoft Sharepoint Server 2013 | Windows |
Microsoft Sharepoint Team Services | Windows |
Microsoft Silverlight | Windows |
Microsoft Silverlight 4 | Windows |
Microsoft Silverlight 5 | Windows |
Microsoft Skype For Business 2016 | Windows |
Microsoft Skype For Business Basic 2016 | Windows |
Microsoft Skype for Business 2016 | Windows |
Microsoft Skype for Business Basic 2016 | Windows |
Microsoft System Center Configuration Manager 2007 | Windows |
Microsoft System Center Configuration Manager 2007 R2 | Windows |
Microsoft System Center Configuration Manager 2007 R3 | Windows |
Microsoft System Center Operations Manager 2007 | Windows |
Microsoft System Center Operations Manager 2007 R2 | Windows |
Microsoft System Center Operations Manager 2012 | Windows |
Microsoft System Center Operations Manager 2012 R2 | Windows |
Microsoft Systems Management Server 2003 | Windows |
Microsoft Teams | Windows |
Microsoft Telnet Service | Windows |
Microsoft Transaction Server (MTS) | Windows |
Microsoft VBScript | Windows |
Microsoft VBScript 5.6 | Windows |
Microsoft VBScript 5.7 | Windows |
Microsoft VBScript 5.8 | Windows |
Microsoft Virtual Machine (VM) | Windows |
Microsoft Virtual PC 2004 | Windows |
Microsoft Virtual PC 2007 | Windows |
Microsoft Virtual Server 2005 | Windows |
Microsoft Virtual Server 2005 R2 | Windows |
Microsoft Visio 2002 | Windows |
Microsoft Visio 2002 SP2 | Windows |
Microsoft Visio 2003 | Windows |
Microsoft Visio 2007 | Windows |
Microsoft Visio 2010 | Windows |
Microsoft Visio 2013 | Windows |
Microsoft Visio 2016 | Windows |
Microsoft Visio Viewer 2002 | Windows |
Microsoft Visio Viewer 2007 | Windows |
Microsoft Visio Viewer 2010 | Windows |
Microsoft Visual Basic 6.0 | Windows |
Microsoft Visual Basic for Applications | Windows |
Microsoft Visual C++ 2005 Redistributable Package | Windows |
Microsoft Visual C++ 2005 Redistribution Pkg | Windows |
Microsoft Visual C++ 2008 Redistributable Package | Windows |
Microsoft Visual C++ 2008 Redistribution Pkg | Windows |
Microsoft Visual C++ 2010 Redistribution Pkg | Windows |
Microsoft Visual FoxPro | Windows |
Microsoft Visual FoxPro 8.0 | Windows |
Microsoft Visual FoxPro 9.0 | Windows |
Microsoft Visual Studio | Windows |
Microsoft Visual Studio .NET 2002 | Windows |
Microsoft Visual Studio .NET 2003 | Windows |
Microsoft Visual Studio 2005 | Windows |
Microsoft Visual Studio 2008 | Windows |
Microsoft Visual Studio 2010 | Windows |
Microsoft Visual Studio 2012 | Windows |
Microsoft Visual Studio 2013 | Windows |
Microsoft Visual Studio 2015 | Windows |
Microsoft Visual Studio 2017 | Windows |
Microsoft Visual Studio 2019 | Windows |
Microsoft Visual Studio Code ESLint extension | Windows |
Microsoft Visual Studio Code Maven Java extension | Windows |
Microsoft Visual Studio Team Foundation Server | Windows |
Microsoft Visual Studio Team Foundation Server 2010 | Windows |
Microsoft Visual Studio Team Foundation Server 2012 | Windows |
Microsoft Visual Studio Team Foundation Server 2013 | Windows |
Microsoft Visual Studio Team Foundation Server 2015 | Windows |
Microsoft Visual Studio Team Foundation Server 2015 Update 4.2 | Windows |
Microsoft Visual Studio Team Foundation Server 2017 | Windows |
Microsoft Visual Studio Team Foundation Server 2017 Update 3.1 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 1.1 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 1.2 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 2 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 3 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 3.1 | Windows |
Microsoft Visual Studio Team Foundation Server 2018 Update 3.2 | Windows |
Microsoft Windows Azure Software Development Kit | Windows |
Microsoft Windows Backup Manager | Windows |
Microsoft Windows Defender | Windows |
Microsoft Windows Essentials 2011 | Windows |
Microsoft Windows Essentials 2012 | Windows |
Microsoft Windows Fax Services Cover Page Editor | Windows |
Microsoft Windows HTTP Services | Windows |
Microsoft Windows Live Mail | Windows |
Microsoft Windows Live OneCare | Windows |
Microsoft Windows Mail | Windows |
Microsoft Windows Media Center | Windows |
Microsoft Windows Media Center TV Pack | Windows |
Microsoft Windows Message Queuing Service | Windows |
Microsoft Windows Messenger | Windows |
Microsoft Windows Messenger 4.7 | Windows |
Microsoft Windows Messenger 5.1 | Windows |
Microsoft Windows Remote Desktop Connection 6.1 | Windows |
Microsoft Windows Remote Desktop Connection 7.0 | Windows |
Microsoft Windows Remote Desktop Connection 7.1 | Windows |
Microsoft Windows Remote Desktop Connection 8.0 | Windows |
Microsoft Windows Remote Desktop Connection 8.1 | Windows |
Microsoft Windows Search 4.0 | Windows |
Microsoft Windows SharePoint Services 2.0 | Windows |
Microsoft Windows SharePoint Services 3.0 | Windows |
Microsoft Windows Workstation Service | Windows |
Microsoft Wireless Display Adapter | Windows |
Microsoft Wireless LAN AutoConfig Service | Windows |
Microsoft Word | Windows |
Microsoft Word 2000 | Windows |
Microsoft Word 2002 | Windows |
Microsoft Word 2003 | Windows |
Microsoft Word 2007 | Windows |
Microsoft Word 2010 | Windows |
Microsoft Word 2013 | Windows |
Microsoft Word 2016 | Windows |
Microsoft Word 97 | Windows |
Microsoft Word 98 | Windows |
Microsoft Word Viewer | Windows |
Microsoft Word for Windows 6.0 Converter | Windows |
Microsoft Wordpad | Windows |
Microsoft Works | Windows |
Microsoft Works 6-9 File Converter | Windows |
Microsoft Works 8 | Windows |
Microsoft Works 8.5 | Windows |
Microsoft Works 9 | Windows |
Microsoft XML Core Services 3.0 | Windows |
Microsoft XML Core Services 4.0 | Windows |
Microsoft XML Core Services 5.0 | Windows |
Microsoft XML Core Services 6.0 | Windows |
Microsoft live meeting 2007 | Windows |
Microsoft VS code TS-Lint extension | Windows |
Microsoft VS code Remote-SSH extension | Windows |
Microsoft VS code Language Support for Java extension | Windows |
Microsoft VS code Java Extension pack | Windows |
VS Code GitHub Pull Requests Extension | Windows |
VS Code Kubernetes Tools Extension | Windows |
VS Code Remote Containers | Windows |
Microsoft Web Media Extensions | Windows |
Microsoft Accessibility Insights for Web | Windows |
Microsoft .Net Education Bundle and .NET install tool | Windows |
.NET Education Bundle SDK Install Tool | Windows |
.NET Install Tool for Extension Authors | Windows |
Microsoft Remote Desktop Client | Windows |
Microsoft VS code jshint extension | Windows |
Microsoft VS code Python Extension | Windows |
PowershellGet Module | Windows |
Microsoft Windows Codecs extensions | Windows |
Microsoft Azure AD Connect | Windows |
Microsoft Azure AD Connect Provisioning Agent | Windows |
Azure Open Management Infrastructure | Windows |
Microsoft Office 2019 | Windows |
Microsoft Office 2021 LTSC | Windows |
Microsoft WSL extension | Windows |
Microsoft Office 2021 for Mac | Windows |
Microsoft Endpoint Configuration Manager | Windows |
Microsoft Visual Studio Code Jupyter extension | Windows |
Microsoft Dynamics NAV 2018 | Windows |
Microsoft Windows Sysmon | Windows |
Microsoft Windows Terminal | Windows |
Microsoft Visual Studio 2022 | Windows |
Microsoft .NET core runtime 7.0 | Windows |
Microsoft 3d Builder | Windows |
Microsoft Azure Service Fabric | Windows |
Sharepoint Server Subscription edition | Windows |
Microsoft Remote Desktop App | Windows |
Microsoft SQL Server 2022 | Windows |
Microsoft TeamsJS | Windows |
Apache CouchDB | Windows |
Atlassian Bamboo CI Server | Windows |
Avant Browser | Windows |
Avast! AntiVrius | Windows |
AVG AntiVirus | Windows |
Bit Defender | Windows |
BSPlayer | Windows |
CA Internet Security Suite | Windows |
CuteFTP | Windows |
Docker | Windows |
Dropbox | Windows |
F-Secure AntiVirus | Windows |
FileZilla Server | Windows |
FireBird | Windows |
Flock | Windows |
Foxit PhantomPDF | Windows |
GIMP | Windows |
GoodTech SSH Server | Windows |
Google backup and sync | Windows |
IBM DB2 | Windows |
IBM WebSphere Application Server | Windows |
ImageMagick | Windows |
ImgBurn | Windows |
IrfanView | Windows |
KasperSky AV | Windows |
KM Player | Windows |
Mongo DB | Windows |
Novell Groupwise | Windows |
PHP | Windows |
Puppet Agent | Windows |
RaidenFTPD | Windows |
Recuva | Windows |
Ruby | Windows |
Ruby on Rails | Windows |
SolarWinds TFTP Server | Windows |
Telegram Desktop | Windows |
Trend Micro Internet Security | Windows |
Vmware Horizontal Client | Windows |
WinGate | Windows |
WSO2 API Manager | Windows |
BlueJeans Desktop | Windows |
Cisco Jabber | Windows |
Cisco Proximity | Windows |
RSA Secure ID Token | Windows |
Solarwinds Event Log Forwarder | Windows |
Solarwinds SCP/SFTP Server | Windows |
PHP for WAMP/XAMPP | Windows |
Indusoft WebStudio | Windows |
Apache Spark | Windows |
Grails Framework | Windows |
TechSmith Screen Capture Codec | Windows |
MS Azure RTOS | Windows |
Amazon Chime | Windows |
VeraCrypt | Windows |
Atom | Windows |
Mimecast | Windows |
Amazon Chime | Windows |
Httrack | Windows |
Clickshare extension | Windows |
Pair Downloader | Windows |
Techsmith camtasia | Windows |
Spring Cloud Function | Windows |
Wazuh Agent | Windows |
Jamovi | Windows |
Apache Jena | Windows |
Node.js | Windows |
Bento4 | Windows |
Atlassian Jira Server | Windows |
Okta ScaleFT | Windows |
Atlassian Bitbucket Server | Windows |
Apache Commons Config | Windows |
softether VPN client | Windows |
3CX DesktopApp | Windows |
Apache derby | Windows |
Apache SSHD | Windows |
Appium Desktop | Windows |
Dell EMC OpenManage Server Administrator | Windows |
dojo | Windows |
Expo Software Development Kit | Windows |
FasterXML Jackson-databind | Windows |
Malwarebytes | Windows |
PaperCut NG | Windows |
Unreal Engine | Windows |
The first check takes place directly after installation on the end device. Each end device is then automatically checked on a daily basis.
As soon as the agent is installed on the end device, the first check begins. It can take up to an hour for the first results to be visible on this platform.
2. Presentation of the Results
Lywand displays the results of a security audit in different ways depending on the use case. The security dashboard is suitable for a rough overview. The House Analogy is suitable for visualizing vulnerabilities. The Check Insights and Vulnerabilities pages are suitable for technical details.
Security Dashboard
Once a security audit has been completed, the company's security situation is clearly displayed on the Security Dashboard. Specifically, the following results are displayed:
General safety rating, in the American school grading system from A to F
Overview of number & risk distribution of vulnerabilities
Historical development of ratings
List of the most vulnerable targets and products
Individual assessment of various security categories (passwords, software up-to-dateness, web security, etc.)
House Analogy
The House Analogy is a graphical representation of the security situation. The current security situation of the company is illustrated with the help of a house. A distinction is made between five different sub-areas: Front door, façade, windows, letterbox and garbage. These reflect the condition of the building - and therefore the current IT security situation.
Check Insights
The Check Insights tab contains all information on the security check and the check methods used. This tab is particularly informative for viewing the current status of the checked targets. For example, open ports, activated users and installed programs as well as information on the initial startup, Windows version, domain, firewall and antivirus are displayed here.
Vulnerabilities
In the menu item "Vulnerabilities" there is a list of all weaknesses found with the respective detailed information:
Description & technical solution to fix the vulnerability
Proof of the check on the basis of which the vulnerability was found
Risk breakdown & CVSS vector for assessing criticality
Date on which the vulnerability was found
Network port, IP address(es) & solution type
Recommended measures
Best Practices
The menu item "Best Practices" provides an overview of the conformity of the targets according to CIS Benchmarks.
The degree of fulfillment of the CIS Benchmarks can be viewed, as well as detailed descriptions and effects of the individual CIS Benchmark Controls.
3. Vulnerability Management
Prioritization of Weaknesses
An individual risk assessment is created for each vulnerability, which is made up of the following factors:
Severity: CVSS (Common Vulnerability Scoring System) is used to determine the severity. This score takes into account various metrics such as the impact on the confidentiality, integrity and availability of data as well as the complexity of the exploitation of the vulnerability.
Probability of occurrence: EPSS (Exploit Prediction Scoring System) is used to determine the probability of occurrence. Artificial intelligence is used daily to determine how likely it is that the discovered vulnerability will be exploited by an attacker within the next 30 days.
Known exploited vulnerability: CISA's Known Exploited Vulnerabilities (KEV) catalog shows whether a vulnerability has already been successfully exploited, as well as vulnerabilities associated with ransomware campaigns.
Planning of Measures
To improve IT security, lywand proposes specific recommendations for action to resolve the vulnerabilities found. These are grouped so that it is possible to eliminate a large number of vulnerabilities with a small number of measures. Measures can be planned in the renovation plan, in the individual security categories or on the Vulnerabilities page. The renovation plan serves as a to-do list to support the planning and implementation of measures.
Elimination of Weaknesses
Lywand offers extensive information on the elimination of vulnerabilities. You can navigate from the measure to the individual weak points. As soon as a measure has been completed, it can be ticked off in the corresponding line in the renovation plan.
Optionally, internal vulnerabilities can be automatically remedied on the end devices using the "Auto-Healing" feature. The following products can be updated automatically via the agent:
Microsoft Windows Suite
Java ab Version 6
Firefox ab Version 31
Foxit PDF Reader
Validation of the Vulnerabilities
During the next security review, lywand will check whether the implemented measure is actually effective and whether the security gaps have been eliminated.
4. Reporting & Data Export
Management Report
The Management Report summarizes the results of the safety review in a compact and easy-to-understand format. In addition to the current overall rating, it contains a breakdown of the best and worst categories.
It also shows how the rating has developed over time and which rating can be achieved with the planned measures. The reviewed objectives, their risk and the review methods used are also listed.
Export Options
Measures: The renovation plan includes all planned measures and can be exported as a CSV file.
Vulnerabilities: Detailed information on the weak points can be exported as a CSV file.
Best Practices: The CIS Benchmark Controls can be exported as a CSV file, including detailed descriptions, degree of fulfillment and a list of fulfilled and unfulfilled targets.
5. Architecture
Lywand is operated in the AWS Cloud in Frankfurt, Germany. The data center is both physically and digitally secured and certified according to proven IT standards (ISO 27001, ISO 27017, ISO 27018, PCI DSS and many more certifications).
6. Certifiability
Dealing with the topic of risk and vulnerability management is a prerequisite for many companies. lywand provides comprehensive support in these areas in particular and helps with the implementation of the following certifications or management systems:
ISMS
NIS2
ISO 27001
TISAX
IT-Grundschutz nach BSI
7. Data Protection
As an Austrian company, lywand is subject to all legal provisions of the European Union. As a result, lywand works in compliance with the GDPR and places the highest value on data protection. If required, an order processing contract (AVV) can be requested at any time.
The lywand servers are hosted within the EU, more precisely in Frankfurt/Germany. The data center has the highest security standards and certifications.
Technical and Organizational Measures
The following technical and organizational measures are taken to protect personal data.
Entry control at the Frankfurt data center is ensured by AWS and is certified in accordance with ISO/IEC 27001:2013. These certifications are carried out by independent external auditors.
Access to the data processing systems is ensured by means of the following measures:
Technical measures:
Multi-factor authentication (user name, password, OTP, biometrics)
Access only via logged bastion host using asymmetric cryptography
Zero-trust environment
No publication of remote access
Encryption of data carriers
Logged and tamper-proof infrastructure through "Infrastructure as Code"
Organizational measures:
User authorizations are logged and versioned
Central password assignment
Enforcement of a secure password
Measures that ensure that persons authorized to use a data processing system can only access the data subject to their access authorization and that personal data cannot be read, copied, modified or removed without authorization during processing, use and after storage:
Technical measures:
Encryption of data storage devices
Organizational measures:
Data is not required outside the data processing systems
Role-based access control
Measures to ensure that data collected for different purposes can be processed separately:
Technical measures:
Separation of production and test environments
Physical separation of the systems (located in different data centers)
Multi-client capability of the data records
Measures to ensure that personal data is not read, copied, altered or removed without authorization during electronic transmission or during its transport or storage on data carriers:
Technical measures:
Transport encryption
Measures that ensure that it is possible to subsequently check and determine whether and by whom personal data has been entered, modified or removed from data processing systems:
Technical measures:
Technical logging of the entry, modification and deletion of access data
No pseudonymization of the data is necessary. Test and development systems work with artificial test data.
Measures that ensure data encryption:
Technical measures:
Encryption of data in transit using TLS
Database encryption (AES-256)
Encrypted and controlled access to data processing systems
Measures to ensure that personal data is protected against accidental destruction or loss:
Technical measures:
Use of fail-safe storage methods (availability: 99.999999999% / year)
Data mirroring between two data centers
Daily backups
Organizational measures:
Regular data recovery tests
Storage of the data backup outside the server room
Measures to ensure that personal data is protected against accidental destruction or loss:
Technical measures:
Automatic import of system updates
Redundant cluster
Automatic scaling of cluster resources
Measures to ensure that personal data is protected against accidental destruction or loss:
Technical measures:
The redundant application cluster is provided automatically via Terraform and by design is not susceptible to accidental destruction or loss. Recovery would be possible very quickly due to the logged infrastructure code and the numerous redundancies.
Measures to ensure that personal data processed on behalf of the client can only be processed in accordance with the client's instructions.
Organizational measures:
Due to the principle of data economy, only minimal data that is absolutely necessary for the provision of the service is processed.
Processed data is only used within go.lywand.com.
Ensuring the destruction of data after completion of the order
Measures to ensure that methods are evaluated to systematically plan, organize, manage and control the legal and operational requirements of data protection.
Organizational measures:
Anchoring the position of data protection officer at C-level
Employee training on data protection
Obligation of employees to maintain data confidentiality
Measures that ensure that security incidents can be prevented or, in the case of security incidents that have already occurred, that data and systems can be protected and that the security incident can be analyzed and rectified quickly:
Technical measures:
Zero-Trust infrastructure
Ongoing security scans
Use of firewall and regular updates
Use of spam filters and regular updates
Use of virus scanners and regular updates
Organizational measures:
Documentation of security incidents
Involvement of data protection officers in security incidents
Clear process for regulating responsibilities in the event of security incidents
Measures that ensure that a certain level of data protection is already in place in advance through the corresponding technical design (privacy by design) and factory settings (privacy by default) of software.
Organizational measures:
Personal data is only collected for the intended purpose
Principle of data minimization mapped in the software architecture
Guarantee that a data subject can easily exercise their right to withdraw consent
8. Support
First-level support is provided directly by the lywand partner to the customer. If the partner needs support, lywand is there to help. Typical support requests could include bug fixing, processing false positives, questions about functions and the like.